|
252081
|
5.9 |
MEDIUM
Network
|
golang
|
go
|
An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. T…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2017-15042
|
2024-11-21 12:13 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252082
|
9.8 |
CRITICAL
Network
|
golang
debian
redhat
|
go
debian_linux
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_eus
enterprise_linux_tus
developer_tools
|
Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but …
|
NVD-CWE-noinfo
|
CVE-2017-15041
|
2024-11-21 12:13 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252083
|
8.1 |
HIGH
Network
|
freebsd
|
freebsd
|
In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' cha…
|
CWE-362
CWE-125
Race Condition
Out-of-bounds Read
|
CVE-2017-15037
|
2024-11-21 12:13 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252084
|
7.5 |
HIGH
Network
|
emtec
|
pyrobatchftp
|
EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial of service (application crash).
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15035
|
2024-11-21 12:13 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252085
|
7.5 |
HIGH
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15033
|
2024-11-21 12:13 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252086
|
9.8 |
CRITICAL
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-15032
|
2024-11-21 12:13 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252087
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (divide-by-zero error …
|
CWE-369
Divide By Zero
|
CVE-2017-15025
|
2024-11-21 12:13 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252088
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite r…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-15024
|
2024-11-21 12:13 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252089
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote atta…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-15023
|
2024-11-21 12:13 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252090
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-15022
|
2024-11-21 12:13 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
